M&S is still struggling to deal with the fallout from its recent cyber-attack, with IT systems in critical business functions still not fully up and running to pre-attack levels, Retail Week understands.

Only this week, Marks & Spencer celebrated the relaunch of its click and collect service for customer, and said that all its customer facing systems are now back up and running to pre-attack levels.

However, internally, critical teams such as buying and merchandising are still struggling to deal with faulty internal systems that have not fully recovered from the cyber-attack which struck the busines back in April.

Retail Week also understands that M&S implemented a hiring freeze as a direct result of the attack, which is still in place in certain internal functions, which is only adding to the pressure staff in affected teams are feeling.

Sources close to the business have said that work internally is pilling up and that some staff have either already left M&S or are looking to leave due to the ongoing issues. 

M&S has estimated that the cyber attack cost them £300m in lost profits and has been working to mitigate the financial impact through insurance and other measures.

The attack left M&S stricken for months, and forced it to shut down online ordering through its website and mobile app on April 25 after experiencing disruptions during the Easter weekend. The attack also caused contactless payment systems and click-and-collect services to fail in physical stores. 

A spokeswoman for M&S said: “Customers have been able to shop in store as normal for some time and this week we welcomed back Click and Collect and next day delivery so the online shopping experience across Fashion, Home and Beauty is back to normal. We also have a lot of newness landing at an increased pace, both in store and online.”

In an appearance in front of MPs in early July, M&S chair Archie Norman described the cyber-attack as “an out of body experience” and compared it to a hostile takeover of the business. 

“In the business world we’re used to competing, we’re used to dealing with customers, and products that work or don’t work,” he said. 

“But it’s very rare to have a criminal actor in another country – or in this country, we’re never quite sure – seeking to stop customers shopping at M&S, essentially trying to destroy your business.”

A month ago, the police made four arrests in connection with the attacks, which hit both M&S and Harrods as well as convenience store specialist the Co-op.

Topics